Internal server details (inbound decryption)

Add internal servers you wish to protect by decrypting and optionally inspecting traffic directed to them. You specify these servers using network objects and optionally ports.

Networks control or decrypt traffic by its source and destination IP address, using inner headers. Tunnel rules, which use outer headers, have tunnel endpoint conditions instead of network conditions.

You can use predefined objects to build network conditions, or manually specify individual IP addresses or address blocks.

Minimize the number of matching criteria whenever possible, especially those for security zones, network objects, and port objects. When you specify multiple criteria, the system must match against every combination of the contents of the criteria you specify.

For more information, see Add internal servers.